5 Security Bulletins were released – 1 Critical, 4 Important, and 0 Moderate
This Month In Brief
We have not uncovered any widespread problems with any of these patches and are releasing all of them.
MS13-047 is rated Critical and patches a vulnerability in all versions of Internet Explorer. After your next patch cycle completes you should follow up and make sure this is installed. MS13-051 is also a concern. It’s rated “Important” because user interaction is required however that “interaction” is simply opening a PNG file.
- Publically disclosed: None
- Being exploited: MS13-051
- Rated CRITICAL: MS13-047
- (The Severity Rating System: http://technet.microsoft.com/en-us/security/bulletin/rating)
- Servers: Yes
- Workstations: Yes
New Security Bulletins
|MS13-047 Cumulative Security Update for Internet Explorer (2838727)
|(Internet Explorer) The most severe vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer.
|MS13-048 Vulnerability in Windows Kernel Could Allow Information Disclosure (2839229)
|(Windows kernel) The vulnerability could allow information disclosure if an attacker logs on to a system and runs a specially crafted application or convinces a local, logged-in user to run a specially crafted application.
|MS13-049 Vulnerability in Kernel-Mode Driver Could Allow Denial of Service (2845690)
|(Windows kernel mode driver) The vulnerability could allow denial of service if an attacker sends specially crafted packets to the server.
|MS13-050 Vulnerability in Windows Print Spooler Components Could Allow Elevation of Privilege (2839894)
|(Print Spooler) The vulnerability could allow elevation of privilege when an authenticated attacker deletes a printer connection.
|MS13-051 Vulnerability in Microsoft Office Could Allow Remote Code Execution (2839571)
|(Microsoft Office) The vulnerability could allow remote code execution if a user opens a specially crafted Office document using an affected version of Microsoft Office software, or previews or opens a specially crafted email message in Outlook while using Microsoft Word as the email reader.